Connecting Idealstack Sites to Other AWS Services

 

One of the great benefits of hosting on AWS with Idealstack is the ability to “plug in” other AWS services.  As you grow and your tech stack evolves you may find yourself needing other services such as search engines, cache engines, NoSQL databases, image recognition or text analysis - AWS has hundreds of services and many have potential to "plug in" to a website.

Since your Idealstack cluster runs on your own AWS account you can connect these services to Idealstack securely and easily.  How you do so depends on the type of service:

• Some AWS services use Network-based security for access control.  Examples of these are RDS, EFS, EC2, Elasticache. For these types of services you would connect them to Idealstack using VPC Peering, as described in our doc: Connecting shared resources in another VPC to Idealstack

• Many other AWS services use IAM for access control.  Examples of these are S3, DynamoDB, SQS and more. One way to connect to these systems is to create an IAM user and set the API credentials in your app - but there’s a more secure way to do it - use an IAM policy associated with the site.  Use Connecting AWS services to Idealstack sites securely using IAM policies